|
97 | 97 | \end{itemize} |
98 | 98 | %%%%% |
99 | 99 |
|
| 100 | +ifdef([[[NOSPELLCHECK]]], [[[ |
100 | 101 | \pdfbookmark[1]{getpwnam, getpwuid, getpwent}{getpw} |
| 102 | +]]]) |
101 | 103 |
|
102 | 104 | \label{GETPW_FUNC} |
103 | 105 | \begin{slide} |
104 | 106 | \sltitle{Obtain user/group information} |
105 | 107 | \begin{itemize} |
| 108 | +ifdef([[[NOSPELLCHECK]]], [[[ |
106 | 109 | \item \texttt{struct passwd *\funnm{getpwnam}(const char *name)} |
107 | | - |
| 110 | +]]]) |
108 | 111 | return structure describing user found in password database or NULL. |
109 | 112 |
|
| 113 | +ifdef([[[NOSPELLCHECK]]], [[[ |
110 | 114 | \item \texttt{struct passwd *\funnm{getpwuid}(uid\_t uid)} |
111 | | - |
| 115 | +]]]) |
112 | 116 | ditto; perform search according to UID. |
113 | | - |
| 117 | +ifdef([[[NOSPELLCHECK]]], [[[ |
114 | 118 | \item \texttt{void \funnm{setpwent}(void)} |
115 | 119 | \item \texttt{void \funnm{endpwent}(void)} |
116 | 120 | \item \texttt{struct passwd *\funnm{getpwent}(void)} |
117 | | - |
| 121 | +]]]) |
118 | 122 | these functions traverse password database. \funnm{setpwent} rewinds to the |
119 | 123 | beginning of the password database, \funnm{getpwent} gets the current entry, |
120 | 124 | \funnm{endpwent} closes the password database and free allocated resources. |
|
150 | 154 | \begin{itemize} |
151 | 155 | \item today's systems are not confined to only using |
152 | 156 | \texttt{/etc/passwd} and \texttt{/etc/groups} |
153 | | -\item such systems have \emph{databases} (passwd, groups, protocols, \dots) |
| 157 | +\item such systems have \emph{databases} (\texttt{passwd, groups, protocols}, |
| 158 | +\dots) |
154 | 159 | \item database data come from \emph{sources} (files, DNS, NIS, LDAP, \dots) |
155 | 160 | \item file \texttt{nsswitch.conf} defines what databases use what sources |
156 | 161 | \item library functions must support this, obviously |
157 | | -\item it is possible to combine some sources, eg. users may be first be searched |
| 162 | +\item it is possible to combine some sources, e.g. users may be first be searched |
158 | 163 | in \texttt{/etc/passwd}, then in LDAP |
159 | 164 | \item came first with Solaris, other systems took over the idea |
160 | 165 | \end{itemize} |
|
364 | 369 | \end{itemize} |
365 | 370 |
|
366 | 371 | %%%%% |
367 | | - |
| 372 | + |
| 373 | +ifdef([[[NOSPELLCHECK]]], [[[ |
368 | 374 | \pdfbookmark[1]{getuid, getgid, geteuid, getegid, getgroups}{getuid} |
| 375 | +]]]) |
369 | 376 |
|
370 | 377 | \begin{slide} |
371 | 378 | \sltitle{Process owner identification} |
372 | 379 | \begin{itemize} |
| 380 | +ifdef([[[NOSPELLCHECK]]], [[[ |
373 | 381 | \item \texttt{uid\_t \funnm{getuid}(void)} |
374 | | - |
| 382 | +]]]) |
375 | 383 | returns real user ID of the calling process. |
| 384 | +ifdef([[[NOSPELLCHECK]]], [[[ |
376 | 385 | \item \texttt{uid\_t \funnm{geteuid}(void)} |
377 | | - |
| 386 | +]]]) |
378 | 387 | returns effective user ID of the calling process. |
| 388 | +ifdef([[[NOSPELLCHECK]]], [[[ |
379 | 389 | \item \texttt{gid\_t \funnm{getgid}(void)} |
380 | | - |
| 390 | +]]]) |
381 | 391 | returns real group ID of the calling process. |
| 392 | +ifdef([[[NOSPELLCHECK]]], [[[ |
382 | 393 | \item \texttt{gid\_t \funnm{getegid}(void)} |
383 | | - |
| 394 | +]]]) |
384 | 395 | returns effective group ID of the calling process. |
385 | | - |
386 | 396 | ifdef([[[NOSPELLCHECK]]], [[[ |
387 | 397 | \item \texttt{int \funnm{getgroups}(int \emph{gidsz}, gid\_t \emph{glist}[])} |
388 | 398 | ]]]) |
|
398 | 408 | groups. When \texttt{0 < gidsz < \#groups}, it returns \texttt{-1}. |
399 | 409 | \item In Unix, there are many data types such as \verb#uid_t#, \verb#gid_t#, |
400 | 410 | \verb#size_t#, \verb#pid_t#, etc. In general, these are integer types and you |
401 | | -can often find them in the \texttt{/usr/inc{}lude/sys/types.h} header file. |
| 411 | +can often find them in the |
| 412 | +ifdef([[[NOSPELLCHECK]]], [[[\texttt{/usr/inc{}lude/sys/types.h}]]]) header |
| 413 | +file. |
402 | 414 | \item Solaris has the \texttt{pcred} command that provides process |
403 | 415 | identification information in a simple form: |
404 | 416 |
|
|
411 | 423 |
|
412 | 424 | %%%%% |
413 | 425 |
|
| 426 | +ifdef([[[NOSPELLCHECK]]], [[[ |
414 | 427 | \pdfbookmark[1]{setuid, setgid, setgroups}{ownerchange} |
| 428 | +]]]) |
415 | 429 |
|
416 | 430 | \begin{slide} |
417 | 431 | \sltitle{Process owner change} |
418 | 432 | \begin{itemize} |
| 433 | +ifdef([[[NOSPELLCHECK]]], [[[ |
419 | 434 | \item \texttt{int \funnm{setuid}(uid\_t \emph{uid});} |
| 435 | +]]]) |
420 | 436 | \begin{itemize} |
421 | 437 | \item in process with EUID~==~0 sets RUID, EUID and saved-SUID to |
422 | 438 | \texttt{uid} |
423 | 439 | \item for other processes it sets just EUID, and \texttt{uid} must be |
424 | 440 | either equal to RUID or saved UID |
425 | 441 | \end{itemize} |
| 442 | +ifdef([[[NOSPELLCHECK]]], [[[ |
426 | 443 | \item \texttt{int \funnm{setgid}(gid\_t \emph{gid});} \\ |
| 444 | +]]]) |
427 | 445 | similar to \texttt{setuid}, for group-IDs of the process. |
428 | 446 | ifdef([[[NOSPELLCHECK]]], [[[ |
429 | 447 | \item \texttt{int \funnm{setgroups}(int \emph{ngroups}, |
|
0 commit comments